Skip to content

Commit

Permalink
Merge branch 'main' into node-hashicorp-vault-keys
Browse files Browse the repository at this point in the history
  • Loading branch information
@PierreBesson
PierreBesson authored Mar 10, 2022
2 parents 4d262d0 + d1d8070 commit 733fd11
Show file tree
Hide file tree
Showing 20 changed files with 472 additions and 9 deletions.
1 change: 1 addition & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,4 @@ Parity's [Kubernetes Helm](https://helm.sh/) charts collection.
- [Common](charts/common/README.md): a generic helm chart for kubernetes
- [Node](charts/node/README.md): deploy Substrate/Polkadot nodes
- [Substrate telemetry](charts/substrate-telemetry/README.md): deploy Substrate Telemetry for the nodes
- [Introspector](charts/introspector/README.md): deploy introspector for the nodes
2 changes: 1 addition & 1 deletion charts/common/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
version: 0.1.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
3 changes: 2 additions & 1 deletion charts/common/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,5 @@

add templates for:
- configmaps
- liveness and readiness probes
- serviceMonitor
- prometheusRules
12 changes: 6 additions & 6 deletions charts/common/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,14 @@ spec:
- name: http
containerPort: {{ .Values.service.containerPort }}
protocol: TCP
{{- with .Values.livenessProbe }}
livenessProbe:
httpGet:
path: /ping
port: http
{{- toYaml . | trim | nindent 12 }}
{{- end }}
{{- with .Values.readinessProbe }}
readinessProbe:
httpGet:
path: /ping
port: http
{{- toYaml . | trim | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
env:
Expand Down
20 changes: 20 additions & 0 deletions charts/common/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,26 @@ tolerations: []

affinity: {}

## Controller Container liveness/readiness probe configuration
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
livenessProbe: {}
# failureThreshold: 3
# successThreshold: 1
# initialDelaySeconds: 0
# timeoutSeconds: 1
# tcpSocket:
# port: 80
# periodSeconds: 10

readinessProbe: {}
# failureThreshold: 3
# successThreshold: 1
# initialDelaySeconds: 0
# timeoutSeconds: 1
# tcpSocket:
# port: 80
# periodSeconds: 10

persistence:
enabled: false
accessModes:
Expand Down
4 changes: 3 additions & 1 deletion charts/node/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@ node:
| `node.collator.relayChainFlags` | Relay-chain node flags other than `--name` (set from the helm release name), `--base-path` and `--chain` | `nil` |
| `node.resources.limits` | The resources limits (cpu/memory) for nodes | `{}` |
| `node.podManagementPolicy` | The pod management policy to apply to the StatefulSet, set it to `Parallel` to launch or terminate all Pods in parallel, and not to wait for pods to become Running and Ready or completely terminated prior to launching or terminating another pod | `{}` |
| `node.pruning` | The amount of blocks to retain. Set to a number or set to 0 for `--pruning=archive` . | `nil` |
| `node.resources.requests` | The resources requests (cpu/memory) for nodes | `{}` |
| `node.serviceMonitor.enabled` | If true, creates a Prometheus Operator ServiceMonitor | `false` |
| `node.serviceMonitor.namespace` | Prometheus namespace | `nil` |
Expand All @@ -113,7 +114,8 @@ node:
| `node.perNodeServices.relayServiceAnnotations` | Annotations to be inserted into the relay chain service | `{}` |
| `node.perNodeServices.paraServiceAnnotations` | Annotations to be inserted into the para chain service | `{}` |
| `node.perNodeServices.setPublicAddressToExternalIp.enabled` | If true sets the `--public-addr` flag to be the NodePort p2p services external address | `false` |
| `node.perNodeServices.setPublicAddressToExternalIP.ipRetrievalServiceUrl` | The external service to return the NodePort IP | `https://ifconfig.io` |
| `node.perNodeServices.setPublicAddressToExternalIP.ipRetrievalServiceUrl` | The external service to return the NodePort IP | `https://ifconfig.io` | =======


### Other parameters

Expand Down
9 changes: 9 additions & 0 deletions charts/node/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,15 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
chain: {{ .Values.node.chain }}
role: {{ .Values.node.role }}
{{- if or .Values.node.pruning ( not ( kindIs "invalid" .Values.node.pruning ) ) }}
{{- if ge ( int .Values.node.pruning ) 1 }}
pruning: {{ ( int .Values.node.pruning ) }}
unsafe-pruning: true
{{- else if and ( not ( kindIs "invalid" .Values.node.pruning ) ) ( eq 0 ( int .Values.node.pruning ) ) }}
pruning: archive
unsafe-pruning: false
{{- end }}
{{- end }}
{{- with .Values.extraLabels }}
{{ toYaml . }}
{{- end }}
Expand Down
6 changes: 6 additions & 0 deletions charts/node/templates/statefulset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -321,6 +321,12 @@ spec:
{{- if or (eq .Values.node.role "authority") (eq .Values.node.role "validator") }}
--validator \
{{- end }}
{{- if ge ( int .Values.node.pruning ) 1 }}
--unsafe-pruning \
--pruning={{ .Values.node.pruning }} \
{{- else if and ( not ( kindIs "invalid" .Values.node.pruning ) ) ( eq 0 ( int .Values.node.pruning ) ) }}
--pruning=archive \
{{- end }}
{{- if eq .Values.node.role "collator" }}
--collator \
{{- end }}
Expand Down
1 change: 1 addition & 0 deletions charts/node/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,7 @@ node:
# vaultKey: key
persistGeneratedNodeKey: false
#customNodeKey: ""
# pruning: 1000
resources: {}
serviceMonitor:
enabled: false
Expand Down
23 changes: 23 additions & 0 deletions charts/polkadot-introspector/.helmignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
6 changes: 6 additions & 0 deletions charts/polkadot-introspector/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
apiVersion: v2
name: polkadot-introspector
description: A Helm chart to deploy polkadot-introspector
type: application
version: 0.1.0
appVersion: "0.1.0"
39 changes: 39 additions & 0 deletions charts/polkadot-introspector/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
# Polkadot introspector helm chart

The helm chart installs Polkadot introspector. The repo is located in https://github.com/paritytech/polkadot-introspector.

## Installing the chart

```console
helm repo add parity https://paritytech.github.io/helm-charts/
helm install polkadot-introspector parity/polkadot-introspector
```

## Parameters

### Common parameters

| Parameter | Description | Default |
|---------------------|----------------------------------------------------------------------------|--------------------------------|
| `nameOverride` | String to partially override node.fullname | `nil` |
| `fullnameOverride` | String to fully override node.fullname | `nil` |
| `imagePullSecrets` | Labels to add to all deployed objects | `[]` |
| `podAnnotations` | Annotations to add to pods | `{}` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `tolerations` | Tolerations for pod assignment | `[]` |
| `affinity` | Affinity for pod assignment | `{}` |
| `extraLabels` | Tolerations for pod assignment | `[]` |
| `replicas` | Number of replicas | `1` |
| `extraLabels ` | Extra labels to add in all resources | `{}` |
| `serviceMonitor.enabled` | If true, creates a Prometheus Operator ServiceMonitor | `false` |
| `serviceMonitor.internal` | Prometheus scrape interval | `1m` |
| `serviceMonitor.scrapeTimeout` | Prometheus scrape timeout | `30s` |
| `serviceMonitor.targetLabels` | Transfers labels on Kubernetes onto the metrics | `[]` |

### Introspector parameters

| Parameter | Description | Default |
|-------------------------------|----------------------------------------------------------|--------------------------------------------------------------------|
| `introspector.role` | Main subcommand to use by introspector | `block-time-monitor` |
| `introspector.rpcNodes` | List of RPC nodes to connect when in block-time-monitor | `wss://rpc.polkadot.io:443,wss://kusama-rpc.polkadot.io:443` |
| `introspector.prometheusPort` | Prometheus Port to expose the metrics | `9615` |
26 changes: 26 additions & 0 deletions charts/polkadot-introspector/templates/NOTES.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "polkadot-introspector.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "polkadot-introspector.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "polkadot-introspector.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "polkadot-introspector.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
{{- if contains "block-time-monitor" .Values.introspector.role }}

2. To view the block production time via different RPC nodes
echo "Visit http://127.0.0.1:{{ .Values.introspector.prometheusPort }}/metrics to view the metrics"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME {{ .Values.introspector.prometheusPort }}:{{ .Values.introspector.prometheusPort }}
{{- end }}
{{- end }}
65 changes: 65 additions & 0 deletions charts/polkadot-introspector/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "polkadot-introspector.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "polkadot-introspector.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "polkadot-introspector.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Common labels
*/}}
{{- define "polkadot-introspector.labels" -}}
helm.sh/chart: {{ include "polkadot-introspector.chart" . }}
{{ include "polkadot-introspector.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.extraLabels }}
{{ toYaml . }}
{{- end }}
{{- end }}

{{/*
Selector labels
*/}}
{{- define "polkadot-introspector.selectorLabels" -}}
app.kubernetes.io/name: {{ include "polkadot-introspector.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Create the name of the service account to use
*/}}
{{- define "polkadot-introspector.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "polkadot-introspector.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
69 changes: 69 additions & 0 deletions charts/polkadot-introspector/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "polkadot-introspector.fullname" . }}
labels:
{{- include "polkadot-introspector.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicas }}
selector:
matchLabels:
{{- include "polkadot-introspector.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "polkadot-introspector.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "polkadot-introspector.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["/bin/sh"]
args:
- -c
- |
exec polkadot-introspector \
{{- if eq .Values.introspector.role "block-time-monitor"}}
block-time-monitor \
--ws {{ join "," .Values.introspector.rpcNodes }} \
prometheus --port {{ .Values.introspector.prometheusPort }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.introspector.prometheusPort }}
protocol: TCP
livenessProbe:
httpGet:
path: /metrics
port: http
readinessProbe:
httpGet:
path: /metrics
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
Loading

0 comments on commit 733fd11

Please sign in to comment.